package com.jeect.gateway4.config;

import com.jeect.gateway4.filter.AuthURLFilter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.stereotype.Component;

@Component
public class AuthSecurityConfig extends WebSecurityConfigurerAdapter {
    @Value("${zuul.prefix}")
    private String zuulPrefix;
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable()
                .formLogin().loginProcessingUrl("/auth/check")
                .and()
                .addFilterBefore(new AuthURLFilter(zuulPrefix), UsernamePasswordAuthenticationFilter.class)
                .authorizeRequests().anyRequest().permitAll();
    }
}
